CVE-2012-1530

Heap-based buffer overflow in the XSLT engine in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a PDF file containing an XSL file that triggers memory corruption when the lang function processes XML data with a crafted node-set.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 92%
VendorProductVersion
adobeacrobat
9.0
adobeacrobat
9.0
adobeacrobat
9.1
adobeacrobat
9.1
adobeacrobat
9.1.1
adobeacrobat
9.1.1
adobeacrobat
9.1.2
adobeacrobat
9.1.3
adobeacrobat
9.1.3
adobeacrobat
9.2
adobeacrobat
9.2
adobeacrobat
9.3
adobeacrobat
9.3
adobeacrobat
9.3.1
adobeacrobat
9.3.1
adobeacrobat
9.3.2
adobeacrobat
9.3.2
adobeacrobat
9.3.3
adobeacrobat
9.3.4
adobeacrobat
9.3.4
adobeacrobat
9.4
adobeacrobat
9.4.1
adobeacrobat
9.4.1
adobeacrobat
9.4.2
adobeacrobat
9.4.2
adobeacrobat
9.4.3
adobeacrobat
9.4.3
adobeacrobat
9.4.4
adobeacrobat
9.4.4
adobeacrobat
9.4.5
adobeacrobat
9.4.5
adobeacrobat
9.4.6
adobeacrobat
9.4.6
adobeacrobat
9.4.7
adobeacrobat
9.5
adobeacrobat
9.5.1
adobeacrobat
9.5.2
adobeacrobat_reader
9.0
adobeacrobat_reader
9.1
adobeacrobat_reader
9.1.1
adobeacrobat_reader
9.1.2
adobeacrobat_reader
9.1.3
adobeacrobat_reader
9.2
adobeacrobat_reader
9.3
adobeacrobat_reader
9.3.1
adobeacrobat_reader
9.3.2
adobeacrobat_reader
9.3.3
adobeacrobat_reader
9.3.4
adobeacrobat_reader
9.4
adobeacrobat_reader
9.4.1
adobeacrobat_reader
9.4.2
adobeacrobat_reader
9.4.3
adobeacrobat_reader
9.4.4
adobeacrobat_reader
9.4.5
adobeacrobat_reader
9.4.6
adobeacrobat_reader
9.4.7
adobeacrobat_reader
9.5
adobeacrobat_reader
9.5.1
adobeacrobat_reader
9.5.2
adobeacrobat
10.0
adobeacrobat
10.0
adobeacrobat
10.0.1
adobeacrobat
10.0.1
adobeacrobat
10.0.2
adobeacrobat
10.0.3
adobeacrobat
10.1
adobeacrobat
10.1.1
adobeacrobat
10.1.2
adobeacrobat
10.1.3
adobeacrobat
10.1.4
adobeacrobat_reader
10.0
adobeacrobat_reader
10.0.1
adobeacrobat_reader
10.0.2
adobeacrobat_reader
10.0.3
adobeacrobat_reader
10.1
adobeacrobat_reader
10.1.1
adobeacrobat_reader
10.1.2
adobeacrobat_reader
10.1.3
adobeacrobat_reader
10.1.4
adobeacrobat
11.0
adobeacrobat_reader
11.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
acroread
quantal
Fixed 9.5.4-1quantal1
released
precise
Fixed 9.5.4-1precise1
released
oneiric
Fixed 9.5.4-1oneiric1
released
lucid
Fixed 9.5.4-1lucid1
released
hardy
ignored
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00004.html
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00005.html
http://lists.opensuse.org/opensuse-updates/2013-01/msg00028.html
http://lists.opensuse.org/opensuse-updates/2013-01/msg00081.html
http://rhn.redhat.com/errata/RHSA-2013-0150.html
http://security.gentoo.org/glsa/glsa-201308-03.xml
http://www.adobe.com/support/security/bulletins/apsb13-02.html
http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=1019
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16094
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00004.html
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00005.html
http://lists.opensuse.org/opensuse-updates/2013-01/msg00028.html
http://lists.opensuse.org/opensuse-updates/2013-01/msg00081.html
http://rhn.redhat.com/errata/RHSA-2013-0150.html
http://security.gentoo.org/glsa/glsa-201308-03.xml
http://www.adobe.com/support/security/bulletins/apsb13-02.html
http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=1019
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16094